Today Windows Azure supports up to 150 endpoints which is great for those applications that rely on persistent connections, like an FTP Server. You can run an FTP Server in 2 modes:

Active mode: The server connects to a negotiated client port

Passive mode: The client connects to anegotiated server port

Passive mode is by far the most popular choice since it doesn't require you to open ports on your machine together with firewall exceptions and port forwarding. With passive mode it's up to the server to open the required ports. Let's see how we can get an FTP Server running in Passive mode on Windows Azure…

Configuring the endpoints

So I've created a new Windows Server 2012 VM in the portal. What we need to do now is open a range of ports (let's say 100) that can be used by the FTP Server for the data connection. Usually you would do this through the portal:

Adding 100 ports manually through the portal can take some time, that's why we'll do it with Powershell. Take a look at the following script:

Configuring the FTP Server

We made the required changes to the endpoints, the only thing we need to do now is configure the FTP Server. First we'll see how we can configure the server in the UI. The first thing we need to do is add a Web Role and choose to install the FTP Server role services:

Then we need to create a new FTP Site in IIS, configure the port (2500) and set the authentication:

In the portal we opened the tcp ports 10000 to 10125. If we want Passive FTP to work, we need to configure the same range in IIS. This is done in the FTP Firewall Support feature. You'll need to fill in exactly the same port range together with the public IP of the VM. To find it simply ping the VM (ping xxx.cloudapp.net) or go to the portal.

Finally open the firewall and open the control channel port (2500) and the data channel port range (10000-10125):

And there you go, I'm able to connect to my FTP Server using Passive mode:

Installing and configuring the FTP Server automatically

While it's great to click around like an IT Pro, it's always useful to have a script that does all the heavy lifting for you.

Calling the script is very easy, you simply pass the name of the FTP Site, the root directory, the public port, the data channel range and the public IP. Remember that you need to run this on the VM, not on your own machine.